cifs: zero out session password before freeing it

cifs: zero out session password before freeing it

...just to be on the safe side.

Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>

diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
index 9ee3f689c2b0c0f78468082658d0aad8cf56791c..7c3f4b9230d7ffa81244d67ea21a06cfb33c889f 100644 (file)
--- a/fs/cifs/misc.c
+++ b/fs/cifs/misc.c
@@ -97,7 +97,10 @@ sesInfoFree(struct cifsSesInfo *buf_to_free)
        kfree(buf_to_free->serverOS);
        kfree(buf_to_free->serverDomain);
        kfree(buf_to_free->serverNOS);
-       kfree(buf_to_free->password);
+       if (buf_to_free->password) {
+               memset(buf_to_free->password, 0, strlen(buf_to_free->password));
+               kfree(buf_to_free->password);
+       }
        kfree(buf_to_free->domainName);
        kfree(buf_to_free);
 }